454
Most Dangerous APT Hacker Group's Deadly Cyber Attacks of the Year 2021- Complete Collection
The APT advanced chronic possibility is known for launching refined attacks to rob pleasing, financial knowledge and cease undetected throughout the infrastructure. Listed here, we detect a listing of APT attacks from 2019 to 2021.
These hacker teams essentially aim enterprises despite the Industry, their targets encompass government, defense, financial services, upright services, industrial, telecoms, client goods and many extra.
The APT team entails experienced cybercriminals who can bypass safety provisions and reason as hurt and disruption as doable. These APT teams bear a particular aim they utilize time to detect them they customarily exploit them to cancel entry.
Many of the APT teams use personalized malware to waft under the radar. The APT attack classified into reasonably a type of phases including Planning the attack, mapping company knowledge, avoiding detection and compromising the community.
Unhealthy APT Hacker Community Attacks 2019
January
| 1 | Jan/16 | Most stylish Aim Attack of DarkHydruns Community In opposition to Heart East |
| 2 | Jan/17 | Malware Outmoded by “Rocke” Community Evolves to Evade Detection by Cloud Security Merchandise |
| 3 | Jan/18 | DarkHydrus delivers recent Trojan that can use Google Pressure for C2 communications |
| 4 | Jan/24 | GandCrab and Ursnif Campaign |
| 5 | Jan/30 | Centered Campaign delivers Orcus Far-off Gather entry to Trojan |
| 6 | Jan/30 | Double Lifetime of SectorA05 Nesting in Agora |
| 7 | Jan/30 | Chafer susceptible Remexi malware to gape on Iran-essentially based fully foreign diplomatic entities |
February
| 1 | Feb/01 | Monitoring OceanLotus’ recent Downloader, KerrDown |
| 2 | Feb/05 | Inspecting Digital Quartermasters in Asia – Carry out Chinese language and Indian APTs Accumulate a Shared Present Chain |
| 3 | Feb/06 | APT10 Centered Norwegian MSP and US Companies in Sustained Campaign |
| 4 | Feb/14 | Suspected Molerats’ Original Attack within the Heart East |
| 5 | Feb/18 | APT-C-36: Trusty Attacks Concentrating on Colombian Authorities Institutions and Companies |
| 6 | Feb/20 | IT IS IDENTIFIED ATTACKS OF THE CIBERCRIMINAL LAZARUS GROUP DIRECTED TO ORGANIZATIONS IN RUSSIA |
| 7 | Feb/25 | Defeating Compiler Level Obfuscations Outmoded in APT10 Malware |
| 8 | Feb/26 | The Arsenal In the help of the Australian Parliament Hack |
| 9 | Feb/27 | A Search into BRONZE UNION’s Toolbox |
March
| 1 | Mar/04 | APT40: Examining a China-Nexus Espionage Actor |
| 2 | Mar/06 | Whitefly: Espionage Community has Singapore in Its Sights |
| 3 | Mar/06 | Centered attack the use of Taidoor Evaluation legend |
| 4 | Mar/06 | Operation Pistacchietto |
| 5 | Mar/07 | Original SLUB Backdoor Uses GitHub, Communicates thru Slack |
| 6 | Mar/08 | Present Chain – The Predominant Aim of Cyberespionage Groups |
| 7 | Mar/11 | Gaming change silent within the scope of attackers in Asia |
| 8 | Mar/12 | Operation Comando: How to Bustle a Low-value and Efficient Credit score Card Industry |
| 9 | Mar/13 | Operation Sheep: Pilfer-Analytics SDK in Bolt |
| 10 | Mar/13 | ‘DMSniff’ POS Malware Actively Leveraged to Aim Diminutive-, Medium-Sized Businesses |
| 11 | Mar/13 | GlitchPOS: Original PoS malware within the marketplace |
| 12 | Mar/13 | LUCKY ELEPHANT CAMPAIGN MASQUERADING |
| 13 | Mar/22 | Operation ShadowHammer |
| 14 | Mar/25 | Elfin: Relentless Espionage Community Targets A whole lot of Organizations in Saudi Arabia and U.S. |
| 15 | Mar/27 | Chance Actor Community the use of UAC Bypass Module to dash BAT File |
| 16 | Mar/28 | Above Us Fully Stars: Exposing GPS Spoofing in Russia and Syria |
| 17 | Mar/28 | Desktop, Mobile Phishing Campaign Targets South Korean Internet sites, Steals Credentials By the use of Watering Gap |
April
| 1 | Apr/02 | OceanLotus Steganography |
| 2 | Apr/10 | Gaza Cybergang Group1, operation SneakyPastes |
| 3 | Apr/10 | Venture TajMahal – a fancy recent APT framework |
| 4 | Apr/10 | The Muddy Waters of APT Attacks |
| 5 | Apr/17 | DNS Hijacking Abuses Have faith In Core Web Provider |
| 6 | Apr/17 | Aggah Campaign: Bit.ly, BlogSpot, and Pastebin Outmoded for C2 in Correctly-organized Scale Campaign |
| 7 | Apr/19 | “Funky malware structure” chanced on in Ocean Lotus sample |
| 8 | Apr/22 | FINTEAM: Trojanized TeamViewer In opposition to Authorities Targets |
| 9 | Apr/23 | Operation ShadowHammer: a high-profile present chain attack |
| 10 | Apr/24 | legit far flung admin instruments change into possibility actors’ instruments |
| 11 | Apr/30 | SectorB06 the use of Mongolian language in lure file |
Might per chance likely additionally
| 1 | Might per chance likely additionally/03 | Who’s who within the Zoo Cyberespionage operation targets Android users within the Heart East |
| 2 | Might per chance likely additionally/07 | Buckeye: Espionage Outfit Outmoded Equation Community Tools Sooner than Shadow Brokers Leak |
| 3 | Might per chance likely additionally/07 | Turla LightNeuron: An e-mail too far |
| 4 | Might per chance likely additionally/07 | ATMitch: Original Proof Noticed In The Wild |
| 5 | Might per chance likely additionally/08 | OceanLotus’ Attacks to Indochinese Peninsula: Evolution of Targets, Systems and Course of |
| 6 | Might per chance likely additionally/08 | FIN7.5: the unpleasant cybercrime rig “FIN7” continues its actions |
| 7 | Might per chance likely additionally/09 | Iranian Nation-Relate APT Groups – “Sad Field” Leak |
| 8 | Might per chance likely additionally/11 | Chinese language Actor APT aim Ministry of Justice Vietnamese |
| 9 | Might per chance likely additionally/13 | ScarCruft continues to conform, introduces Bluetooth harvester |
| 10 | Might per chance likely additionally/15 | Winnti: Greater than actual Windows and Gates |
| 11 | Might per chance likely additionally/18 | Operation_BlackLion |
| 12 | Might per chance likely additionally/19 | HiddenWasp Malware Stings Centered Linux Systems |
| 13 | Might per chance likely additionally/22 | A whisk to Zebrocy land |
| 14 | Might per chance likely additionally/24 | UNCOVERING NEW ACTIVITY BY APT10 |
| 15 | Might per chance likely additionally/27 | APT-C-38 |
| 16 | Might per chance likely additionally/28 | Emissary Panda Attacks Heart East Authorities Sharepoint Servers |
| 17 | Might per chance likely additionally/29 | TA505 is Increasing its Operations |
| 18 | Might per chance likely additionally/29 | A dive into Turla PowerShell utilization |
| 19 | Might per chance likely additionally/30 | 10 years of virtual dynamite: A high-stage retrospective of ATM malware |
June
| 1 | June/03 | Zebrocy’s Multilanguage Malware Salad |
| 2 | June/04 | An APT Blueprint: Gaining Original Visibility into Monetary Threats |
| 3 | June/05 | Scattered Canary The Evolution and Internal Workings of a West African Cybercriminal Startup Grew to change into BEC Endeavor |
| 4 | June/10 | MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 and Original Submit-Exploitation Tools |
| 5 | June/11 | The Discovery of Fishwrap: A Original Social Media Facts Operation Methodology |
| 6 | June/12 | Chance Community Cards: A Chance Actor Encyclopedia |
| 7 | June/20 | Original Approaches Utilized by OceanLotus to Aim An Environmental Community in Vietnam |
| 8 | June/21 | Waterbug: Espionage Community Rolls Out Mark-Original Toolset in Attacks In opposition to Governments |
| 9 | June/25 | OPERATION SOFT CELL: A WORLDWIDE CAMPAIGN AGAINST TELECOMMUNICATIONS PROVIDERS |
| 10 | June/25 | Evaluation of MuddyC3, a Original Weapon Outmoded by MuddyWater |
| 11 | June/26 | Iranian Chance Actor Amasses Correctly-organized Cyber Operations Infrastructure Network to Aim Saudi Organizations |
July
| 1 | Jul/01 | Chance Highlight: Ratsnif – Original Network Vermin from OceanLotus |
| 2 | Jul/03 | Operation Tripoli |
| 3 | Jul/04 | A whole lot of Chinese language Chance Groups Exploiting CVE-2018-0798 Equation Editor Vulnerability Since Leisurely 2018 |
| 4 | Jul/04 | Most stylish Unsolicited mail Campaigns from TA505 Now Using Original Malware Tools Gelup and FlowerPippi |
| 5 | Jul/09 | Twas the evening earlier than |
| 6 | Jul/11 | Sea Turtle retains on swimming, finds recent victims, DNS hijacking methods |
| 7 | Jul/15 | Buhtrap team uses zero‑day in most up-to-date espionage campaigns |
| 8 | Jul/16 | SWEED: Exposing years of Agent Tesla campaigns |
| 9 | Jul/17 | SLUB Will get Rid of GitHub, Intensifies Slack Exercise |
| 10 | Jul/18 | EvilGnome: Rare Malware Spying on Linux Desktop Customers |
| 11 | Jul/18 | OKRUM AND KETRICAN: AN OVERVIEW OF RECENT KE3CHANG GROUP ACTIVITY |
| 12 | Jul/18 | Unsolicited mail Campaign Targets Colombian Entities with Customized-made ‘Proyecto RAT,’ Uses E-mail Provider YOPmail for C&C |
| 13 | Jul/20 | Laborious Pass: Declining APT34’s Invite to Be a part of Their Reputable Network |
| 14 | Jul/24 | Chinese language APT “Operation LagTime IT” Targets Authorities Facts Technology Agencies in Eastern Asia |
| 15 | Jul/24 | Attacking the Coronary heart of the German Industry |
August
| 1 | Aug/01 | Evaluation of the Attack of Mobile Devices by OceanLotus |
| 2 | Aug/05 | Sharpening the Machete |
| 3 | Aug/05 | Most stylish Trickbot Campaign Delivered thru Highly Obfuscated JS File |
| 4 | Aug/07 | APT41: A Dual Espionage and Cyber Crime Operation |
| 5 | Aug/08 | Suspected BITTER APT Continues Concentrating on Authorities of China and Chinese language Organizations |
| 6 | Aug/12 | Present Cloud Atlas verbalize |
| 7 | Aug/14 | In the Balkans, corporations are under fire from a double‑barreled weapon |
| 8 | Aug/20 | Malware prognosis about unknown Chinese language APT campaign |
| 9 | Aug/21 | Silence 2.0 |
| 10 | Aug/21 | The Gamaredon Community: A TTP Profile Evaluation |
| 11 | Aug/26 | APT-C-09 Reappeared as Battle Intensified Between India and Pakistan |
| 12 | Aug/27 | TA505 At It Again: Differ is the Spice of ServHelper and FlawedAmmyy |
| 13 | Aug/27 | China Chopper silent challenging 9 years later |
| 14 | Aug/27 | LYCEUM Takes Center Stage in Heart East Campaign |
| 15 | Aug/27 | Malware prognosis about sample of APT Patchwork |
| 16 | Aug/29 | SectorJ04 Community’s Elevated Task in 2019 |
| 17 | Aug/29 | More_eggs, Anybody? Chance Actor ITG08 Strikes Again |
| 18 | Aug/29 | Tick Tock – Actions of the Tick Cyber Espionage Community in East Asia Over the Closing 10 Years |
| 19 | Aug/30 | ‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Rob PayPal and Credit score Card Facts |
| 20 | Aug/31 | Malware prognosis on Bitter APT campaign |
September
| 1 | Sep/04 | Glupteba Campaign Hits Network Routers and Updates C&C Servers with Facts from Bitcoin Transactions |
| 2 | Sep/05 | UPSynergy: Chinese language-American Glance vs. Glance Memoir |
| 3 | Sep/06 | BITTER APT: No longer So Candy |
| 4 | Sep/09 | Thrip: Ambitious Attacks In opposition to Excessive Level Targets Proceed |
| 5 | Sep/11 | RANCOR APT: Suspected centered attacks in opposition to South East Asia |
| 6 | Sep/15 | The Kittens Are Befriend in Metropolis Charming Kitten Campaign In opposition to Tutorial Researchers |
| 7 | Sep/18 | Tortoiseshell Community Targets IT Suppliers in Saudi Arabia in Likely Present Chain Attacks |
| 8 | Sep/24 | Mapping the connections inner Russia’s APT Ecosystem |
| 9 | Sep/24 | How Tortoiseshell created a faux frail hiring web station to host malware |
| 10 | Sep/24 | DeadlyKiss APT |
| 11 | Sep/26 | Chinese language APT Hackers Attack Windows Customers thru FakeNarrator Malware to Implant PcShare Backdoor |
| 12 | Sep/30 | HELO Winnti: Attack or Scan? |
October
| 1 | Oct/01 | Original Fileless Botnet Novter Disbursed by KovCoreG Malvertising Campaign |
| 2 | Oct/01 | Original Adwind Campaign targets US Petroleum Industry |
| 3 | Oct/03 | PKPLUG: Chinese language Cyber Espionage Community Attacking Asia |
| 4 | Oct/04 | GEOST BOTNET. THE STORY OF THE DISCOVERY OF A NEW ANDROID BANKING TROJAN FROM AN OPSEC ERROR |
| 5 | Oct/07 | China-Based mostly APT Mustang Panda Targets Minority Groups, Public and Non-public Sector Organizations |
| 6 | Oct/07 | The Kittens Are Befriend in Metropolis 2 – Charming Kitten Campaign Keeps Happening, Using Original Impersonation Systems |
| 7 | Oct/07 | Present chain attacks: threats focusing on provider companies and create offices |
| 8 | Oct/10 | Attor, a gape platform with uncommon GSM fingerprinting |
| 9 | Oct/10 | CONNECTING THE DOTS Exposing the arsenal and strategies of the Winnti Community |
| 10 | Oct/10 | Mahalo FIN7: Responding to the Felony Operators’ Original Tools and Systems |
| 11 | Oct/14 | HUGE FAN OF YOUR WORK: TURBINE PANDA |
| 12 | Oct/14 | From tweet to rootkit |
| 13 | Oct/15 | LOWKEY: Hunting for the Lacking Volume Serial ID |
| 14 | Oct/17 | Operation Ghost: The Dukes aren’t help – they never left |
| 15 | Oct/21 | Winnti Community’s skip‑2.0: A Microsoft SQL Server backdoor |
| 16 | Oct/31 | MESSAGETAP: Who’s Reading Your Textual disclose Messages? |
November
| 1 | Nov/01 | Chrome 0-day exploit CVE-2019-13720 susceptible in Operation WizardOpium |
| 2 | Nov/04 | Higaisa APT |
| 3 | Nov/05 | THE LAZARUS’ GAZE TO THE WORLD: WHAT IS BEHIND THE FIRST STONE ? |
| 4 | Nov/08 | Titanium: the Platinum team strikes all every other time |
| 5 | Nov/13 | Greater than a Dozen Obfuscated APT33 Botnets Outmoded for Gross Slim Concentrating on |
| 6 | Nov/20 | Mac Backdoor Linked to Lazarus Targets Korean Customers |
| 7 | Nov/20 | Golden Eagle (APT-C-34) |
| 8 | Nov/25 | Studying Donot Crew |
| 9 | Nov/26 | Insights from twelve months of monitoring a polymorphic possibility: Dexphot |
| 10 | Nov/28 | RevengeHotels: cybercrime focusing on hotel entrance desks worldwide |
| 11 | Nov/29 | Operation ENDTRADE: Discovering Multi-Stage Backdoors that TICK |
December
| 1 | Dec/03 | Chance Actor Concentrating on Hong Kong Reputable-Democracy Figures |
| 2 | Dec/04 | Obfuscation Tools Chanced on within the Capesand Exploit Equipment Presumably Outmoded in “KurdishCoder” Campaign |
| 3 | Dec/04 | Original Unfavorable Wiper “ZeroCleare” Targets Strength Sector within the Heart East |
| 4 | Dec/11 | Waterbear is Befriend, Uses API Hooking to Evade Security Product Detection |
| 5 | Dec/12 | Operation Gamework: Infrastructure Overlaps Chanced on Between BlueAlpha and Iranian APTs |
| 6 | Dec/12 | GALLIUM: Concentrating on world telecom |
| 7 | Dec/12 | Drilling Deep: A Search at Cyberattacks on the Oil and Gas Industry |
2020 Attack checklist So Far
January
| 1 | Jan/01 | [WeiXin] Pakistan Sidewinder APT Attack |
| 2 | Jan/06 | First Energetic Attack Exploiting CVE-2019-2215 Chanced on on Google Play, Linked to SideWinder APT |
| 3 | Jan/07 | Unfavorable Attack: DUSTMAN |
| 4 | Jan/07 | Iranian Cyber Response to Death of IRGC Head Would Seemingly Exercise Reported TTPs and Old Gather entry to |
| 5 | Jan/08 | Operation AppleJeus Sequel |
| 6 | Jan/09 | The Relate of Threats to Electrical Entities in North The US |
| 7 | Jan/13 | APT27 ZxShell RootKit module updates |
| 8 | Jan/13 | Reviving MuddyC3 Outmoded by MuddyWater (IRAN) APT |
| 9 | Jan/16 | JhoneRAT: Cloud essentially based fully python RAT focusing on Heart Eastern international locations |
| 10 | Jan/31 | Winnti Community focusing on universities in Hong Kong |
February
| 1 | Feb/03 | Actors Aloof Exploiting SharePoint Vulnerability to Attack Heart East Authorities Organizations |
| 2 | Feb/10 | Outlaw Updates Equipment to Smash Older Miner Variations, Targets More Systems |
| 3 | Feb/13 | NEW CYBER ESPIONAGE CAMPAIGNS TARGETING PALESTINIANS – PART 2: THE DISCOVERY OF THE NEW, MYSTERIOUS PIEROGI BACKDOOR |
| 4 | Feb /17 | Fox Kitten Campaign |
| 5 | Feb /17 | CLAMBLING – A Original Backdoor Rotten On Dropbox (EN) |
| 6 | Feb /17 | A deep dive into the newest Gamaredon Espionage Campaign |
| 7 | Feb /18 | Operation DRBControl |
| 8 | Feb /19 | The Lazarus Constellation |
| 9 | Feb/22 | Cloud Snooper’ Attack Bypasses Firewall Security Measures |
| 10 | Feb/28 | Nortrom_Lion_APT |
March
- Mar 30 – The ‘Glance Cloud’ Operation: Geumseong121 team carries out the APT attack disguising the evidence of North Korean defection
- Mar 26 – iOS exploit chain deploys LightSpy characteristic-wealthy malware
- Mar 25 – This Is No longer a Test: APT41 Initiates World Intrusion Campaign Using A whole lot of Exploits
- Mar 24 – WildPressure targets industrial-linked entities within the Heart East
- Mar 24 – Operation Poisoned Facts: Hong Kong Customers Centered With Mobile Malware thru Local Facts Hyperlinks
- Mar 19 – Probing Pawn Storm : Cyberespionage Campaign Thru Scanning, Credential Phishing and More
- Mar 15 – APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
- Mar 12 – Vicious Panda: The COVID Campaign
- Mar 12 –Two-tailed scorpion APT-C-23
- Mar 12 – Monitoring Turla: Original backdoor delivered thru Armenian watering holes
- Mar 11 – Operation Overtrap Targets Japanese On-line Banking Customers By the use of Bottle Exploit Equipment and Mark-Original Cinobi Banking Trojan
- Mar 10 – WHO’S HACKING THE HACKERS: NO HONOR AMONG THIEVES
- Mar 05 – Dissecting Geost: Exposing the Anatomy of the Android Trojan Concentrating on Russian Banks
- Mar 05 – Guildma: The Devil drives electric
- Mar 03 – Original Perl Botnet (Tuyul) Chanced on with That you just’ll be in a position to imagine Indonesian Attribution
- Mar 03 – The North Korean Kimsuky APT retains threatening South Korea evolving its TTPs
- Mar 02 – APT34 (AKA OILRIG, AKA HELIX KITTEN) ATTACKS LEBANON GOVERNMENT ENTITIES WITH MAILDROPPER IMPLANTS
April
- Apr 29 – Chinese language Affect Operations Evolve in Campaigns Concentrating on Taiwanese Elections, Hong Kong Protests
- Apr 28 – Outlaw is Befriend, a Original Crypto-Botnet Targets European Organizations
- Apr 28 – Grandoreiro: How engorged can an EXE catch?
- Apr 24 – PoshC2
- Apr 21 – Negative Peek Chance Actor Resurfaces with iOS Exploit and Up up to now Implant
- Apr 20 – WINNTI GROUP: Insights From the Past
- Apr 17 – Gamaredon APT Community Exercise Covid-19 Entice in Campaigns
- Apr 16 – Exposing Modular Adware: How DealPly, IsErIk, and ManageX Persist in Systems
- Apr 16 – Giving Fraudsters the Frosty Shoulder: Contained within the Greatest Linked TV Bot Attack
- Apr 16 – Taiwan Excessive-Tech Ecosystem Centered by International APT Community
- Apr 15 – Nation-inform Mobile Malware Targets Syrians with COVID-19 Lures
- Apr 15 – Craft for Resilience: APT Community Chimera
- Apr 07 –APTs and COVID-19: How advanced chronic threats use the coronavirus as a lure
- Apr 07 –Original Ursnif Campaign: A Shift from PowerShell to Mshta
- Apr 07 – Decade of the RATs: Original APT Attacks Concentrating on Linux, Windows and Android
Might per chance likely additionally
- Might per chance likely additionally 29 – Russian Cyber Attack Campaigns and Actors
- Might per chance likely additionally 28 – The zero-day exploits of Operation WizardOpium
- Might per chance likely additionally 26 – From Agent.BTZ to ComRAT v4: A ten‑year whisk
- Might per chance likely additionally 21 – The Evolution of APT15’s Codebase 2020
- Might per chance likely additionally 21 – Iranian Chafer APT Centered Air Transportation and Authorities in Kuwait and Saudi Arabia
- Might per chance likely additionally 21 – No “Sport over” for the Winnti Community
- Might per chance likely additionally 19 – Subtle Espionage Community Turns Attention to Telecom Suppliers in South Asia
- Might per chance likely additionally 18 – APT-C-23 center East
- Might per chance likely additionally 14 – LOLSnif – Monitoring One other Ursnif-Based mostly Centered Campaign
- Might per chance likely additionally 14 – RATicate: an attacker’s waves of files-stealing malware
- Might per chance likely additionally 14 – Vendetta-recent possibility actor from Europe
- Might per chance likely additionally 14 – Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia
- Might per chance likely additionally 14 –APT Community Planted Backdoors Concentrating on Excessive Profile Networks in Central Asia
- Might per chance likely additionally 14 – COMpfun authors spoof visa utility with HTTP station-essentially based fully Trojan
- Might per chance likely additionally 13 – Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks
- Might per chance likely additionally 12 –Tropic Trooper’s Befriend: USBferry Attack Targets Air-gapped Environments
- Might per chance likely additionally 11 – Centered Attacks on Indian Authorities and Monetary Institutions Using the JsOutProx RAT
- Might per chance likely additionally 11 – Up up to now BackConfig Malware Concentrating on Authorities and Defense pressure Organizations in South Asia
- Might per chance likely additionally 07 – Introducing Blue Mockingbird
- Might per chance likely additionally 07 – Naikon APT: Cyber Espionage Reloaded
- Might per chance likely additionally 06 – Phantom within the Divulge Shell
- Might per chance likely additionally 06 – Leery Turtle Chance Legend
- Might per chance likely additionally 05 – Nazar: Spirits of the Past
June
- Jun 30 – StrongPity APT – Revealing Trojanized Tools, Working Hours and Infrastructure
- Jun 29 – PROMETHIUM extends world reach with StrongPity3 APT
- Jun 26 – WastedLocker: Symantec Identifies Wave of Attacks In opposition to U.S. Organizations
- Jun 25 – A end quiz on the advanced methods susceptible in a Malaysian-centered APT campaign
- Jun 24 – BRONZE VINEWOOD Targets Present Chains
- Jun 23 – WastedLocker: A Original Ransomware Variant Developed By The Negative Corp Community
- Jun 19 – Centered Attack Leverages India-China Border Dispute to Entice Victims
- Jun 18 – Digging up InvisiMole’s hidden arsenal
- Jun 17 – Operation In(ter)ception: Aerospace and militia corporations within the crosshairs of cyberspies
- Jun 17 – AcidBox: Rare Malware Repurposing Turla Community Exploit Centered Russian Organizations
- Jun 17 – Multi-stage APT attack drops Cobalt Strike the use of Malleable C2 characteristic
- Jun 16 – Cobalt: methods and instruments replace
- Jun 15 – India: Human Rights Defenders Centered by a Coordinated Spyware and adware Operation
- Jun 11 – Original Android Spyware and adware ActionSpy Revealed thru Phishing Attacks from Earth Empusa
- Jul 11 – Gamaredon team grows its sport
- Jun 08 – TA410: The Community In the help of LookBack Attacks In opposition to U.S. Utilities Sector Returns with Original Malware
- Jun 08 – GuLoader? No, CloudEyE
- Jun 03 – Original LNK attack tied to Higaisa APT chanced on
- Jun 03 – Cycldek: Bridging the (air) gap
July
- Jul 29 – Operation North Star: A Job Supply That’s Too Staunch to be Factual?
- Jul 22 – OilRig Targets Heart Eastern Telecommunications Group and Provides Original C2 Channel with Steganography to Its Inventory
- Jul 22 –MATA: Multi-platform centered malware framework
- Jul 15 – THE FAKE CISCO: Hunting for backdoors in Unfounded Cisco devices
- Jul 14 – TURLA / VENOMOUS BEAR UPDATES ITS ARSENAL: “NEWPASS” APPEARS ON THE APT THREAT SCENE
- Jul 14 – Welcome Chat as a stable messaging app? Nothing will seemingly be additional from the reality
- Jul 12 – SideWinder 2020 H1
- Jul 09 – Cosmic Lynx: The Upward push of Russian BEC
- Jul 09 –More cross: A deep quiz at Evilnum and its toolset
- Jul 08 – Reproduction cat of APT Sidewinder ?
- Jul 08 – [proofpoint] TA410: The Community In the help of LookBack Attacks In opposition to U.S. Utilities Sector Returns with Original Malware
- Jul 08 – Operation ‘Honey Entice’: APT36 Targets Defense Organizations in India
- Jul 06 – North Korean hackers are skimming US and European purchasers
- Jul 01 – [Lookout] Mobile APT Surveillance Campaigns Concentrating on Uyghurs
- Aug 27 – The Kittens Are Befriend in Metropolis 3
- Aug 28 – Clear Tribe: Evolution prognosis, fragment 2
- Aug 20 – DEVELOPMENT OF THE ACTIVITY OF THE TA505 CYBERCRIMINAL GROUP
- Aug 20 –More Proof of APT Hackers-for-Hire Outmoded for Industrial Espionage
- Aug 18 – [F-Secure] LAZARUS GROUP CAMPAIGN TARGETING THE CRYPTOCURRENCY VERTICAL
- Aug 13 – [Kaspersky] CactusPete APT team’s up up to now Bisonal backdoor
- Aug 13 – [ClearSky] Operation ‘Dream Job’ Standard North Korean Espionage Campaign
- Aug 12 – [Kaspersky] Web Explorer and Windows zero-day exploits susceptible in Operation PowerFall
- Aug 10 – [Seqrite] Gorgon APT focusing on MSME sector in India
September
- Sep 30 – APT‑C‑23 team evolves its Android spyware and spyware and adware
- Sep 29 – Palmerworm: Espionage Gang Targets the Media, Finance, and Other Sectors
- Sep 29 – ShadowPad: recent verbalize from the Winnti team
- Sep 25 – German-made FinSpy spyware and spyware and adware chanced on in Egypt, and Mac and Linux versions printed
- Sep 25 –APT-C-43 steals Venezuelan militia secrets to give intelligence toughen for the reactionaries — HpReact campaign
- Sep 24 – detecting empires within the cloud
- Sep 23 –Operation SideCopy
- Sep 22 – APT28 Delivers Zebrocy Malware Campaign the use of NATO Theme as Entice
- Sep 17 – Operation Tibbar
- Sep 08 –TeamTNT verbalize targets Weave Scope deployments
- Sep 03 – NO REST FOR THE WICKED: EVILNUM UNLEASHES PYVIL RAT
- Sep 01 –Chinese language APT TA413 Resumes Concentrating on of Tibet Following COVID-19 Themed Financial Espionage Campaign Turning in Sepulcher Malware Concentrating on Europe
October
- Oct 27 – North Korean Developed Continual Chance Focal point: Kimsuky
- Oct 23 – APT-C-44 NAFox
- Oct 22 – Bitter CHM
- Oct 19 –Operation Earth Kitsune: Monitoring SLUB’s Present Operations
- Oct 15 – Operation Quicksand – MuddyWater’s Offensive Attack In opposition to Israeli Organizations
- Oct 14 – [MalwareByte] Nonetheless Librarian APT honest on schedule for 20/21 academic year
- Oct 13 – [WeiXin] Operation Rubia cordifolia
- Oct 07 – [BlackBerry] BlackBerry Uncovers Big Hack-For-Hire Community Concentrating on Governments, Businesses, Human Rights Groups and Influential Folk
- Oct 06 – [Malwarebytes] Release the Kraken: Fileless APT attack abuses Windows Error Reporting provider
- Oct 05 – [Kaspersky] MosaicRegressor: Lurking within the Shadows of UEFI
November
- Nov 17 – CHAES: Original Malware Concentrating on Latin American E-Commerce
- Nov 17 – Japan-Linked Organizations Centered in Long-Running and Subtle Attack Campaign
- Nov 16 – TA505: A Brief Historical past Of Their Time
- Nov 16 – A Detailed Timeline of a Chinese language APT Espionage Attack Concentrating on South Eastern Asian Authorities Institutions
- Nov 12 – CRAT wishes to plunder your endpoints
- Nov 12 – The CostaRicto Campaign: Cyber-Espionage Outsourced
- Nov 12 –
- Nov 10 – Original APT32 Malware Campaign Targets Cambodian Authorities
- Nov 06 – [Volexity] OceanLotus: Extending Cyber Espionage Operations Thru Unfounded Internet sites
- Nov 04 – [Sophos] A recent APT uses DLL facet-hundreds to “KilllSomeOne”
- Nov 01 – [Cyberstanc] A seek for into APT36’s (Clear Tribe) tradecraft
December
- Dec 30 – [Recorded Future] SolarWinds Attribution: Are We Getting Sooner than Ourselves?
- Dec 29 – [Uptycs] Revenge RAT focusing on users in South The US
- Dec 23 – [Kaspersky] Lazarus covets COVID-19-linked intelligence
- Dec 22 – [Truesec] Collaboration between FIN7 and the RYUK team, a Truesec Investigation
- Dec 19 – [VinCSS] Inspecting recent malware of China Panda hacker team at possibility of attack present chain in opposition to Vietnam Authorities Certification Authority
- Dec 17 – [ClearSky] Pay2Kitten
- Dec 17 – [ESET] Operation SignSight: Present‑chain attack in opposition to a certification authority in Southeast Asia
- Dec 16 – [Team Cymru] Mapping out AridViper Infrastructure Using Augury’s Malware Module
- Dec 15 – [WeiXin] APT-C-47 ClickOnce Operation
- Dec 15 – [hvs consulting] Greetings from Lazarus Anatomy of a cyber espionage campaign
- Dec 13 – [Fireeye] Highly Evasive Attacker Leverages SolarWinds Present Chain to Compromise A whole lot of World Victims With SUNBURST Backdoor
- Dec 09 – [Trend Micro] SideWinder Uses South Asian Disorders for Spear Phishing, Mobile Attacks
- Dec 07 – [Group-IB] The footprints of Raccoon: a legend about operators of JS-sniffer FakeSecurity distributing Raccoon stealer
- Dec 02 – [ESET] Turla Crutch: Preserving the “help door” originate
- Dec 03 – [Telsy] Adversary Monitoring Legend
- Dec 01 – [CISA] Developed Continual Chance Actors Concentrating on U.S. Mediate Tanks
- Dec 01 – [Prevasio] OPERATION RED KANGAROO: INDUSTRY’S FIRST DYNAMIC ANALYSIS OF 4M PUBLIC DOCKER CONTAINER IMAGES
2021 Attacks checklist So Far
January
- Jan 31 – [JPCERT] A41APT case ~ Evaluation of the Stealth APT Campaign Threatening Japan
- Jan 28 – [ClearSky] “Lebanese Cedar” APT: World Lebanese Espionage Campaign Leveraging Web Servers
- Jan 20 – [JPCERT] In most cases Known Tools Outmoded by Lazarus
- Jan 20 – [Cybie] A Deep Dive Into Patchwork APT Community
- Jan 14 – [Positive] Higaisa or Winnti? APT41 backdoors, susceptible and recent
- Jab 12 – [ESET] Operation Spalax: Centered malware attacks in Colombia
- Jan 12 – [Yoroi] Opening “STEELCORGI”: A Subtle APT Swiss Military Knife
- Jan 12 – [NCCgroup] Abusing cloud services to waft under the radar
- Jan 11 – [Palo Alto Networks] xHunt Campaign: Original BumbleBee Webshell and SSH Tunnels Outmoded for Lateral Bolt
- Jan 11 – [CrowdStrike] SUNSPOT: An Implant within the Gather Course of
- Jan 11 – [Kaspersky] Sunburst backdoor – code overlaps with Kazuar
- Jan 08 – [Certfa] Charming Kitten’s Christmas Gift
- Jan 07 – [Prodaft] Brunhilda DaaS Malware Evaluation Legend
- Jan 06 – [CISCO] A Deep Dive into Lokibot Infection Chain
- Jan 06 – [Malwarebytes] Retrohunting APT37: North Korean APT susceptible VBA self decode methodology to inject RokRat
- Jan 05 – [QuoIntelligence] ReconHellcat Uses NIST Theme as Entice To Raise Original BlackSoul Malware
- Jan 05 – [Trend Micro] Earth Wendigo Injects JavaScript Backdoor to Provider Worker for Mailbox Exfiltration
- Jan 04 – [CheckPoint] Stopping Serial Killer: Catching the Next Strike: Dridex
- Jan 04 – [Medium] APT27 Turns to Ransomware
- Jan 04 – [Nao-Sec] Royal Avenue! Re:Dive
Febrary
- Feb 28 – [Recorded Future] China-linked Community RedEcho Targets the Indian Strength Sector Amid Heightened Border Tensions
- Feb 25 – [Proofpoint] TA413 Leverages Original FriarFox Browser Extension to Aim the Gmail Accounts of World Tibetan Organizations
- Feb 25 – [Kaspersky] Lazarus targets defense change with ThreatNeedle
- Feb 25 – [TeamT5] APT10: Monitoring down the stealth verbalize of the A41APT campaign
- Feb 24 – [MalwareBytes] LazyScripter: From Empire to double RAT
- Feb 24 – [Amnesty] Click on and Bait: Vietnamese Human Rights Defenders Centered with Spyware and adware Attacks
- Feb 22 – [CheckPoint] The Memoir of Jian – How APT31 Stole and Outmoded an Unknown Equation Community 0-Day
- Feb 17 – [Cybleinc] Confucius APT Android Spyware and adware Targets Pakistani and Other South Asian Regions
- Feb 10 – [Lookout] Lookout Discovers Original Confucius APT Android Spyware and adware Linked to India-Pakistan Battle
- Feb 09 – [Palo Alto Networks] BendyBear: Original Chinese language Shellcode Linked With Cyber Espionage Community BlackTech
- Feb 08 – [CheckPoint] Home Kitten – An Internal Search on the Iranian Surveillance Operations
- Feb 03 – [Palo Alto Networks] Hildegard: Original TeamTNT Malware Concentrating on Kubernetes
- Feb 02 – [ESET] Kobalos – A complex Linux possibility to high efficiency computing infrastructure
- Feb 01 – [VinCSS] ElephantRAT (Kunming version): our most up-to-date chanced on RAT of Panda and the similarities with unprejudiced nowadays Smanager RAT
- Feb 01 – [ESET] Operation NightScout: Present‑chain attack targets on-line gaming in Asia
March
- Mar XX – [CSET] Lecturers, AI, and APTs
- Mar 30 – [Kaspersky] APT10: refined multi-layered loader Ecipekac chanced on in A41APT campaign
- Mar 30 – [proofpoint] BadBlood: TA453 Targets US and Israeli Scientific Learn Personnel in Credential Phishing Campaigns
- Mar 18 – [Prodaft] SilverFish Community Chance Actor Legend
- Mar 10 – [Bitdefender] FIN8 Returns with Improved BADHATCH Toolkit
- Mar 10 – [Intezer] Original Linux Backdoor RedXOR Seemingly Operated by Chinese language Nation-Relate Actor
- Mar 02 – [Volexity] Operation Change Marauder: Energetic Exploitation of A whole lot of Zero-Day Microsoft Change Vulnerabilities
- Mar 02 – [Microsoft] HAFNIUM focusing on Change Servers with 0-day exploits
April
- Apr 28 – [Fireeye] Ghostwriter Replace: Cyber Espionage Community UNC1151 Seemingly Conducts Ghostwriter Affect Task
- Apr 27 – [Positive] Lazarus Community Recruitment: Chance Hunters vs Head Hunters
- Apr 23 – [Bitdefender] NAIKON – Traces from a Defense pressure Cyber-Espionage Operation
- Apr 23 – [Darktrace] APT35 ‘Charming Kitten’ chanced on in a pre-contaminated atmosphere
- Apr 20 – [FireEye] Test Your Pulse: Suspected APT Actors Leverage Authentication Bypass Systems and Pulse Trusty Zero-Day
- Apr 19 – [SentinelOne] A Deep Dive into Zebrocy’s Dropper Docs
- Apr 19 – [MalwareBytes] Lazarus APT conceals malicious code within BMP image to tumble its RAT
- Apr 13 – [Sentire] Hackers Flood the Web with 100,000 Malicious Pages, Promising Experts Free Industry Sorts, But Turning in Malware, Reports eSentire
- Apr 13 – [Kaspersky] Zero-day vulnerability in Desktop Window Supervisor (CVE-2021-28310) susceptible within the wild
- Apr 09 – [TrendMicro] Iron Tiger APT Updates Toolkit With Developed SysUpdate Malware
- Apr 08 – [CheckPoint] Iran’s APT34 Returns with an Up up to now Arsenal
- Apr 08 – [ESET] (Are you) afreight of the unlit? Peek out for Vyveva, recent Lazarus backdoor
- Apr 07 – [CISCO] Sowing Discord: Reaping the advantages of collaboration app abuse
Might per chance likely additionally
Might per chance likely additionally
Listed are essentially the most unhealthy APT attacks of the year 2019-2020, we help the checklist up up to now with the recent attacks reported on a fashioned foundation.
You furthermore might can agree to us on Linkedin, Twitter, Facebook for each day Cybersecurity and hacking knowledge updates
Source credit : cybersecuritynews.com
